root cannot use passwd command to change NIS password
As root on the NIS Server machine, trying to change an NIS user's password using the passwd command fails with:
NIS password could not be changed.
passwd: Failed preliminary check by password service
Using the yppasswd command succeeds, but according to the man page, this is deprecated in favor of the regular passwd command.
Logs show the following:
passwd: pam_unix(passwd:chauthtok) : password not changed for user on server
rpc.yppasswdd: update user (uid=20053) from host <ipaddr> rejected
rpc.yppasswdd: Invalid password
I can change the password as the user himself, but not as root.
Can anyone help solve this problem?
1. su to the user
2. change the password as that user
3. exit back to root.
Maybe I am missing something?
Shouldn’t passwd detect that it’s a local change anyway. I.e. perform a usual passwd and run make -C /var/yp to rebuild the tables afterwards?
If the user changes his own password: does it say that it was changed at the NIS server?
when run as the user, passwd prompts for the user's current password, which the admin does not have. when run as root, current password is not needed. This is also the behaviour we are used to on our Solaris nis server. yppasswd does work however, so that could be a workaround (but it prompts for the root password first).
when run as the user, passwd does indeed make the change on the NIS master (thru the yppasswdd daemon). That's why I expect it to work as root also. unfortunately, it does not.
Maybe it has to do with the fact that I do not keep the NIS passwd file in /etc, but in another dir. Also, I am not using shadow passwords for NIS. Everything else is working fine though (make succeeds, login authentication is OK).
But root can’t be authorized via yppasswd hence it’s denied I think. For me passwd on the headnode detects that it’s local and makes direct changes and runs the make command to rebuild the tables. What is in /etc/yp.conf?
|All times are GMT -5. The time now is 10:22 PM.|